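An example of viewing assembly code with gdb
Steps
- Start the executable under gdb:
gdb executable_file
- Set a breakpoint in gdb:
break function_name
or break *memory_address
- Run the program:
run
- When the program stops at the breakpoint, use the disassemble command to view the assembly code:
  - Disassemble the current function:
  disassemble
  - Disassemble the code at a given address:
  disassemble memory_address
  - Disassemble a range of addresses within the current function:
  disassemble start_address,end_address
  - Show the source location of an instruction in the current function:
  list *instruction_address
Note: if you are on an Intel-architecture (x86) processor, you can run set disassembly-flavor intel in gdb to switch the disassembly to Intel syntax. By default, the assembly code is shown in AT&T syntax.
Example: x86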
#include <stdio.h>
int add(int a, int b) {
    return a + b;
}
int main() {
    int a = 10, b = 20;
    int c = add(a, b);
    printf("The sum of %d and %d is %d\n", a, b, c);
    return 0;
}
You can now use gdb to view the program's assembly code. The following is a sample gdb session:
$ gdb test
(gdb) break main
Breakpoint 1 at 0x1189: file test.c, line 9.
(gdb) run
Starting program: /path/to/test
Breakpoint 1, main () at test.c:9
9 int a = 10, b = 20;
(gdb) disassemble add
Dump of assembler code for function add:
0x000000000000112d <+0>: push %rbp
0x000000000000112e <+1>: mov %rsp,%rbp
0x0000000000001131 <+4>: mov %edi,-0x4(%rbp)
0x0000000000001134 <+7>: mov %esi,-0x8(%rbp)
0x0000000000001137 <+10>: mov -0x8(%rbp),%eax
0x000000000000113a <+13>: add -0x4(%rbp),%eax
0x000000000000113d <+16>: pop %rbp
0x000000000000113e <+17>: retq
End of assembler dump.
(gdb) disassemble main
Dump of assembler code for function main:
0x0000000000001189 <+0>: push %rbp
0x000000000000118a <+1>: mov %rsp,%rbp
0x000000000000118d <+4>: sub $0x10,%rsp
0x0000000000001191 <+8>: movl $0xa,-0x4(%rbp)
0x0000000000001198 <+15>: movl $0x14,-0x8(%rbp)
0x000000000000119f <+22>: mov -0x8(%rbp),%edx
0x00000000000011a2 <+25>: mov -0x4(%rbp),%eax
0x00000000000011a5 <+28>: mov %edx,%esi
0x00000000000011a7 <+30>: mov %eax,%edi
0x00000000000011a9 <+32>: callq 0x112d <add>
0x00000000000011ae <+37>: mov %eax,-0xc(%rbp)
0x00000000000011b1 <+40>: mov -0x4(%rbp),%eax
Example: arm64
#include <stdio.h>
int add(int a, int b) {
    return a + b;
}
int main() {
    int a = 10, b = 20;
    int c = add(a, b);
    printf("The sum of %d and %d is %d\n", a, b, c);
    return 0;
}
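Assume the program is saved as test.c and compiled into an executable with the following command:
aarch64-linux-gnu-gcc -g -o test test.c
You can now use gdb to view the program's assembly code. The following is a sample gdb session: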
$ aarch64-linux-gnu-gdb test
(gdb) break main
Breakpoint 1 at 0x40068c: file test.c, line 9.
(gdb) run
Starting program: /path/to/test
Breakpoint 1, main () at test.c:9
9 int a = 10, b = 20;
(gdb) disassemble add
Dump of assembler code for function add:
0x0000000000400664 <+0>: stp x29, x30, [sp, #-16]!
0x0000000000400668 <+4>: mov x29, sp
0x000000000040066c <+8>: str w0, [sp, #8]
0x0000000000400670 <+12>: str w1, [sp, #4]
0x0000000000400674 <+16>: ldr w0, [sp, #8]
0x0000000000400678 <+20>: ldr w1, [sp, #4]
0x000000000040067c <+24>: add w0, w0, w1
0x0000000000400680 <+28>: mov sp, x29
0x0000000000400684 <+32>: ldp x29, x30, [sp], #16
0x0000000000400688 <+36>: ret
End of assembler dump.
(gdb) disassemble main
Dump of assembler code for function main:
0x000000000040068c <+0>: stp x29, x30, [sp, #-16]!
0x0000000000400690 <+4>: mov x29, sp
0x0000000000400694 <+8>: mov w1, #20
0x0000000000400698 <+12>: mov w0, #10
0x000000000040069c <+16>: bl 0x400664 <add>
0x00000000004006a0 <+20>: str w0, [sp, #4]
0x00000000004006a4 <+24>: ldr w0, [sp, #4]
0x00000000004006a8 <+28>: mov w1, #20
0x00000000004006ac <+32>: mov w2, #10
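
An added example (not part of the original page): a small Python parser for the `disassemble` dumps shown in the two sessions above. It goes slightly beyond the page by checking that every `<+offset>` agrees with its address and by listing call targets (`callq`, `bl`); the function names are assumptions of this example, and the sample lines are copied from the sessions on this page.

```python
import re

# One instruction line of a gdb dump: [=>] 0xADDR <+OFF>: mnemonic operands
# (real gdb output separates the fields with tabs; \s+ accepts both).
INSN_RE = re.compile(r"^\s*(?:=>)?\s*0x(?P<addr>[0-9a-fA-F]+)\s+<\+(?P<off>\d+)>:"
                     r"\s+(?P<mnem>\S+)\s*(?P<ops>.*)$")
FUNC_RE = re.compile(r"^Dump of assembler code for function (?P<name>[^:]+):")
CALL_MNEMONICS = {"call", "callq", "bl", "blr"}  # x86 (AT&T) and arm64 calls

# Lines copied from the x86 and arm64 sessions on this page.
X86_SAMPLE = """\
Dump of assembler code for function main:
0x00000000000011a7 <+30>: mov %eax,%edi
0x00000000000011a9 <+32>: callq 0x112d <add>
0x00000000000011ae <+37>: mov %eax,-0xc(%rbp)
"""
ARM64_SAMPLE = """\
Dump of assembler code for function main:
0x0000000000400698 <+12>: mov w0, #10
0x000000000040069c <+16>: bl 0x400664 <add>
0x00000000004006a0 <+20>: str w0, [sp, #4]
"""

def parse_dump(text):
    """Return {function: [(address, offset, mnemonic, operands), ...]}."""
    funcs, current = {}, None
    for line in text.splitlines():
        m = FUNC_RE.match(line)
        if m:
            current = funcs.setdefault(m.group("name"), [])
            continue
        m = INSN_RE.match(line)
        if m and current is not None:
            current.append((int(m.group("addr"), 16), int(m.group("off")),
                            m.group("mnem"), m.group("ops").strip()))
    return funcs

def offsets_consistent(insns):
    """True if address - offset gives the same function start on every line."""
    return len({addr - off for addr, off, _, _ in insns}) <= 1

def call_targets(insns):
    """Return [(call-site address, target symbol or raw operand), ...]."""
    out = []
    for addr, _, mnem, ops in insns:
        if mnem in CALL_MNEMONICS:
            sym = re.search(r"<([^>+]+)(?:\+\d+)?>", ops)
            out.append((addr, sym.group(1) if sym else ops))
    return out

if __name__ == "__main__":
    for sample in (X86_SAMPLE, ARM64_SAMPLE):
        for name, insns in parse_dump(sample).items():
            print(name, offsets_consistent(insns), call_targets(insns))
```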